Sensitive Data of Over 13 Million MacKeeper Users At Risk
The infamous MacKeeper is making the headlines again, not for any good reason too. A security researcher has claimed to have managed to download private user data of over 13 million MacKeeper accounts.
MacKeeper reported to be leaking user data:
Thanks to the company that has never been trusted for its security, integrity or even honesty with its consumers, over 13 million OS X users’ data is allegedly at risk. Chris Vickery, a white hat hacker who has previously exposed security breaches at MLB, ATP, Slipknot, and many Californian schools has reported that he was able to download the sensitive data due to the poor security system of the software suite.
I have recently downloaded over 13 million sensitive account details related to MacKeeper, Zeobit, and/or Kromtech […] stuff like names, email addresses, usernames, password hashes, computer name, ip address, software license and activation codes, type of hardware (ex: “macbook pro”), type of subscriptions, phone numbers and computer serial numbers.
MacKeeper has remained in the news (mostly at the wrong end of it) for its aggressive marketing tactics, false advertising, poor user experience, and most of the time conning users for their money. There have been several times in the past when security industry has suggested OS X users to delete the suite completely. However, it was turned out that even after deleting the software, it managed to leave various traces behind.
If Vickery is right about the amount of data, he was so easily able to download, it might just prove to be the last blow for the software suite. Vickery shared on Reddit that he discovered that the three servers owned by MacKeeper, Kromtech and Zeobit have all been leaking data. He also found MacKeeper’s server to be completely unprotected,
Six hours after making this post (and it being at the top of the Apple subreddit), the database is still completely unprotected […] No log in required at all.Advertisement
Claiming to speed up your Mac, it mostly behaves as a malware than a helpful tool. You can read more about it on this Reddit thread.
Update: researcher has updated the thread with responses from the concerned companies:
UPDATE: Was contacted by Kromtech and was able to provide details to them. The database is now secure.
UPDATE 2: I have discovered 3 additional IP addresses that this data is leaking from. Kromtech has been notified and they are in the process of securing the data (again).
UPDATE 3: Kromtech believes everything is now secure.